top of page

EC2.13

Security groups should not allow ingress from 0.0.0.0/0 to port 22

Severity

Cloud Platforms

Resources

Related Standards

Automated

HIGH

AWS

Amazon EC2

AWS CIS Foundations v1.2, AWS Foundational Technical Review, CIS v8, PCI DSS v3.2.1, CDR, ISO27001, SOC2, NIST CSF, NIST.800-53.r5,

YES

Security groups provide stateful filtering of ingress/egress network traffic to AWS resources. It is recommended that no security group allows unrestricted ingress access to port 22.

bottom of page